What is Cloudbleed?
The Cloudbleed security bug affects the reverse proxies of the internet services provider Cloudflare and led to the exposure of private information such as HTTP cookies, authentication tokens, and other sensitive data to search engine caches. It was discovered last week.
Cyara’s Response to the Threat
Cyara does not use Cloudflare for any Cyara-operated services, so no customer data handled by Cyara is at risk.
The third-party service Cyara uses to interact with customers in a support capacity, Zendesk, does use Cloudflare, but only for their marketing website (see Zendesk’s advisory here). However, the part of the Zendesk site Cyara uses does not transit through Cloudflare, and Cyara has not exposed any customer data.
We are in the process of auditing every service we use and rotating passwords as necessary.
At Cyara, our customers are our most important assets. We will continue to closely monitor vulnerabilities that are discovered, and keep you informed. If you have any further questions or concerns regarding the Cloudbleed vulnerability, please contact your account representative or the Cyara Support Team.
Thank you for being a valued Cyara customer.